Skills
skills/v112263/it-autonomos-spain/content-add-internal-links-to-article/Gen Agent Trust Hub

content-add-internal-links-to-article

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the content of articles provided via the $ARGUMENTS path.
  • Ingestion points: Reads the article file content and local JSON databases.
  • Boundary markers: None present; the agent processes the article text directly to find matching terms.
  • Capability inventory: Uses Read, Edit, Grep, and Glob tools to modify the filesystem.
  • Sanitization: No explicit sanitization or instruction to ignore embedded commands within the article content is provided.
  • [DATA_EXFILTRATION]: The skill performs file system operations that involve traversing to a sibling directory (../spain-life-guide/) to retrieve configuration data. While this is part of the intended multi-project cross-linking logic, it demonstrates a capability to access files outside the immediate project root.
  • [COMMAND_EXECUTION]: The skill uses the Edit tool to programmatically modify markdown files based on logic derived from the article content and the link databases. This is a high-privilege operation within the context of the workspace.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 05:00 PM